How do I stop my internal IP address being viewable externally?

Your internal address was viewable by which site? I seem to recall that there was a site which used javascript to inaccurately describe such a situation, making it appear that the internal address was viewable to the public when in fact it was not.

Reply to
Anthony Boynes
Loading thread data ...

Yup, that is the site. Disable javascript, close your browser, and then retry it. Since javascript is primarily client side, it is trivial to place your local address in the page using it.

I think you will see, as I did, that it doesn't work after you do that.

Reply to
Anthony Boynes

For an external port scan I would recommend either

formatting link
or
formatting link
And of course these are just port scans. They won't tell you if you need a patch for your operating system or a particular application.

Anthony Boynes

Reply to
Anthony Boynes

The problem with that site seeing your ip is the use of javascript, not a particular browser.

Anthony Boynes

Reply to
Anthony Boynes

Stop reading spam, and stop clicking links in spam!

Reply to
Arthur Hagen
[...]

Internal IP ... as in the one on your LAN, e.g. 192.168.x.x ? Or your WAN IP, the one allocated by your ISP?

Which site did you visit?

Reply to
Tx2

Does having it enabled pose a security threat?

I too am concerned my internal IP was visible, but i feel turning javascript off may prohibit my enjoyment of certain web sites.

I access the net via an ADSL router, and run a software firewall too, but if a simple web site can get access to that kind of info, what could someone with malicious intent do?

Reply to
Tx2

Any scripting can be a threat, and yes, it's needed for many sites. What you need to do is setup your browser to be secure, meaning that you set the Internet Zone to highest security, then set the Trusted Zone to Medium and add sites that you trust into the Trusted Zone. This will reasonably protect you while browsing, but, if you've added a site in the Trusted Zone it will work normally.

You could also use FireFox 1.0 for browsing the web normally and then use IE only for sites that you trust.

Reply to
Leythos

"Tony Cooke" wrote in news: snipped-for-privacy@dnews.tpgi.com.au:

If MSJava runtime machine is running or Sun's Java runtime running, then disable them and try the test. I think the site is running some kind of Java applet on the browser that's pulling the internal IP so that you can see it at the site. You could disable the run of Java applets at the browser level that will stop it too.

Duane :)

Reply to
Duane Arnold

Wrong, it is _not_ a NAT problem but one that is related to an insecure configuration of your browser. Disable all possibilities to execute code by the browser (ActiveX, embedded programming languages).

Wolfgang

Reply to
Wolfgang Kueter

I currently use Firefox 1.0PR, and rarely use IE, so that site found my IP even though i was using a 'preferred' browser.

I'm downloading Firefox 1.0 as i type ...

Reply to
Tx2

Please discuss that with those people who call themselves 'web-designers'.

Read:

formatting link
Wolfgang

Reply to
Wolfgang Kueter

I'd add

formatting link
:-)

Regards

Reply to
ObiWan

Excellent link. I'll check these out - there are plenty to look at!

Reply to
Tosca

SecuritySpace has various free security audits as well as audits that cost money:

formatting link
I was impressed enough with their free services that when I brought my server in-house, I shelled out real money for their Small Office/Home Office Bundled Package that includes networking monitoring, a monthly security audit, and unlimited website analysis.

Reply to
Ken

Hi all.

I went to a firewall testing site and ran a check over my IP address and the first problem that came back was my internal IP address was viewable to the site.

I know this is a NAT problem but my ADSL (modem/router/firewall) manual is fairly light-on.

Does anyone know what I need to set up to fix this (without having to specify my config, etc).

Thanks in advance for any help.

All the best, Tony

Reply to
Tony Cooke

Hi Anthony.

Firstly, thanks for replying.

The address is

formatting link
All the best, Tony

Reply to
Tony Cooke

Hi.

Internal IP (192.168.x.x).

I visited

formatting link
Thanks.

Reply to
Tony Cooke

Yep, that did it. Thanks Anthony.

I thought I had a BIG hole in my security there for a second.

Is there any site that you can recommend that gives a fairly good ("real") audit of a site/IP address?

Thanks again for your help.

I greatly appreciate it.

All the best, Tony

Reply to
Tony Cooke

Hi Wolfgang.

Actually it turned out to be a javascript issue. I made sure beforehand that ActiveX was off and I think M$ has it off by default anyway.

Thanks for you reply by the way. I greatly appreciate it.

All the best, Tony

Reply to
Tony Cooke

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.